Untitled

a guest
Jul 23rd, 2020
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 01 minutes and 03 seconds
  5.  
  6. ================================= BIOS =================================
  7. VENDOR: American Megatrends Inc.
  8. VERSION: P1.30
  9. DATE: 05/25/2018
  10.  
  11. ============================= MOTHERBOARD ==============================
  12. MANUFACTURER: ASRock
  13. PRODUCT: B360 Pro4
  14.  
  15. ================================= RAM ==================================
  16. Size Speed Manufacturer Part No.
  17. -------------- -------------- ------------------- ----------------------
  18. 8192MB 2400MHz 8313 CL16-16-16 D4-2400
  19. 0MHz
  20. 8192MB 2400MHz 8313 CL16-16-16 D4-2400
  21. 0MHz
  22.  
  23. ================================= CPU ==================================
  24. Processor Version: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
  25. COUNT: 6
  26. MHZ: 2808
  27. VENDOR: GenuineIntel
  28. FAMILY: 6
  29. MODEL: 9e
  30. STEPPING: a
  31. MICROCODE: 6,9e,a,0 (F,M,S,R) SIG: B4'00000000 (cache) B4'00000000 (init)
  32.  
  33. ================================== OS ==================================
  34. Product: WinNt, suite: TerminalServer SingleUserTS
  35. Built by: 19041.1.amd64fre.vb_release.191206-1406
  36. BUILD_VERSION: 10.0.19041.388 (WinBuild.160101.0800)
  37. BUILD: 19041
  38. SERVICEPACK: 388
  39. PLATFORM_TYPE: x64
  40. NAME: Windows 10
  41. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  42. BUILD_TIMESTAMP: unknown_date
  43. BUILDDATESTAMP: 160101.0800
  44. BUILDLAB: WinBuild
  45. BUILDOSVER: 10.0.19041.388
  46.  
  47. =============================== DEBUGGER ===============================
  48. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  49. Copyright (c) Microsoft Corporation. All rights reserved.
  50.  
  51. =============================== COMMENTS ===============================
  52. * Information gathered from different dump files may be different. If
  53. Windows updates between two dump files, two or more OS versions may
  54. be shown above.
  55. * If the user updates the BIOS between dump files, two or more versions
  56. and dates may be shown above.
  57. * More RAM information can be found below in a full BIOS section.
  58.  
  59. ========================================================================
  60. ======================= Dump #1: ANALYZE VERBOSE =======================
  61. ====================== File: 072420-19921-01.dmp =======================
  62. ========================================================================
  63.  
  64. Mini Kernel Dump File: Only registers and stack trace are available
  65. Windows 10 Kernel Version 19041 MP (6 procs) Free x64
  66. Kernel base = 0xfffff806`43200000 PsLoadedModuleList = 0xfffff806`43e2a310
  67. Debug session time: Thu Jul 23 16:24:57.780 2020 (UTC - 4:00)
  68. System Uptime: 0 days 1:04:22.539
  69.  
  70. BugCheck 1000007E, {ffffffffc0000005, fffff80646e4d744, ffff9202e9ad6b38, ffff9202e9ad6370}
  71. *** WARNING: Unable to verify timestamp for vsdatant.sys
  72. *** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys
  73. *** WARNING: Unable to verify timestamp for win32k.sys
  74. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  75. Probably caused by : memory_corruption
  76. Followup: memory_corruption
  77.  
  78. SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
  79. This is a very common bugcheck. Usually the exception address pinpoints
  80. the driver/function that caused the problem. Always note this address
  81. as well as the link date of the driver/image that contains this address.
  82. Some common problems are exception code 0x80000003. This means a hard
  83. coded breakpoint or assertion was hit, but this system was booted
  84. /NODEBUG. This is not supposed to happen as developers should never have
  85. hardcoded breakpoints in retail code, but ...
  86. If this happens, make sure a debugger gets connected, and the
  87. system is booted /DEBUG. This will let us see why this breakpoint is
  88. happening.
  89.  
  90. Arguments:
  91. Arg1: ffffffffc0000005, The exception code that was not handled
  92. Arg2: fffff80646e4d744, The address that the exception occurred at
  93. Arg3: ffff9202e9ad6b38, Exception Record Address
  94. Arg4: ffff9202e9ad6370, Context Record Address
  95.  
  96. Debugging Details:
  97. DUMP_CLASS: 1
  98. DUMP_QUALIFIER: 400
  99. DUMP_TYPE: 2
  100. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  101. FAULTING_IP:
  102. NETIO!StreamInvokeCalloutAndNormalizeAction+5c
  103. fffff806`46e4d744 488b4808 mov rcx,qword ptr [rax+8]
  104. EXCEPTION_RECORD: ffff9202e9ad6b38 -- (.exr 0xffff9202e9ad6b38)
  105. ExceptionAddress: fffff80646e4d744 (NETIO!StreamInvokeCalloutAndNormalizeAction+0x000000000000005c)
  106. ExceptionCode: c0000005 (Access violation)
  107. ExceptionFlags: 00000000
  108. NumberParameters: 2
  109. Parameter[0]: 0000000000000000
  110. Parameter[1]: 0000000000000008
  111. Attempt to read from address 0000000000000008
  112. CONTEXT: ffff9202e9ad6370 -- (.cxr 0xffff9202e9ad6370)
  113. rax=0000000000000000 rbx=ffff9202e9ad6ee8 rcx=ffff9202e9ad6ee8
  114. rdx=ffffe78414d92010 rsi=ffff9202e9ad6eb0 rdi=ffffe78414d92010
  115. rip=fffff80646e4d744 rsp=ffff9202e9ad6d70 rbp=ffff9202e9ad6de9
  116. r8=ffffe78414d92010 r9=00000000000005a0 r10=ffffe784132889b0
  117. r11=0000000000000000 r12=0000000000000000 r13=ffff9202e9ad71d0
  118. r14=ffff9202e9ad7690 r15=0000000000000000
  119. iopl=0 nv up ei pl zr na po nc
  120. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050246
  121. NETIO!StreamInvokeCalloutAndNormalizeAction+0x5c:
  122. fffff806`46e4d744 488b4808 mov rcx,qword ptr [rax+8] ds:002b:00000000`00000008=????????????????
  123. Resetting default scope
  124. CUSTOMER_CRASH_COUNT: 1
  125.  
  126. PROCESS_NAME: System
  127.  
  128. CURRENT_IRQL: 0
  129. ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  130. EXCEPTION_CODE_STR: c0000005
  131. EXCEPTION_PARAMETER1: 0000000000000000
  132. EXCEPTION_PARAMETER2: 0000000000000008
  133. FOLLOWUP_IP:
  134. NETIO!StreamInvokeCalloutAndNormalizeAction+5c
  135. fffff806`46e4d744 488b4808 mov rcx,qword ptr [rax+8]
  136. READ_ADDRESS: fffff80643efa388: Unable to get MiVisibleState
  137. 0000000000000008
  138. BUGCHECK_STR: AV
  139. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  140. LAST_CONTROL_TRANSFER: from fffff80646e4d458 to fffff80646e4d744
  141. STACK_TEXT:
  142. ffff9202`e9ad6d70 fffff806`46e4d458 : ffff9202`e9ad71d0 ffffe784`14d92010 00000000`00000000 ffffe784`14d92010 : NETIO!StreamInvokeCalloutAndNormalizeAction+0x5c
  143. ffff9202`e9ad6e40 fffff806`46e4cad6 : ffffe784`09ec0014 fffff806`5be6c1f0 00000000`00000002 ffffe784`120ac9e0 : NETIO!StreamProcessCallout+0x3fc
  144. ffff9202`e9ad6f70 fffff806`46e4953b : 00000004`00000014 ffffe784`120ac9e0 ffffe784`15e6e1c0 ffff9202`e9ad7690 : NETIO!ProcessCallout+0x706
  145. ffff9202`e9ad70f0 fffff806`46e480da : ffffe784`16768760 ffffe784`09f47960 00000000`00000000 ffffe784`00000000 : NETIO!ArbitrateAndEnforce+0x71b
  146. ffff9202`e9ad7250 fffff806`46e9a02a : ffffe784`12fc8040 ffff9202`e9ad7711 ffffe784`132889b0 ffffe784`13e82d00 : NETIO!KfdClassify+0x37a
  147. ffff9202`e9ad7640 fffff806`46e99a4f : 00000000`00000000 ffff9202`e9ad77e1 00000000`000005a0 00000000`00000000 : NETIO!StreamInternalClassify+0x106
  148. ffff9202`e9ad7760 fffff806`46e9690b : 00000000`00000014 ffffe784`15e6e010 00000000`00000000 ffffe784`13e82da0 : NETIO!StreamInject+0x253
  149. ffff9202`e9ad7830 fffff806`4722a1fd : ffffe784`15e6e010 00000000`00000106 00000000`00000000 fffff806`00000001 : NETIO!FwppStreamInject+0x13b
  150. ffff9202`e9ad78c0 fffff806`5983c9cf : ffffe784`1620d5a0 00000000`000005a0 ffffe784`13e82da0 00000000`00000000 : fwpkclnt!FwpsStreamInjectAsync0+0xfd
  151. ffff9202`e9ad7920 ffffe784`1620d5a0 : 00000000`000005a0 ffffe784`13e82da0 00000000`00000000 00000000`00000106 : vsdatant+0xc9cf
  152. ffff9202`e9ad7928 00000000`000005a0 : ffffe784`13e82da0 00000000`00000000 00000000`00000106 00000000`00000014 : 0xffffe784`1620d5a0
  153. ffff9202`e9ad7930 ffffe784`13e82da0 : 00000000`00000000 00000000`00000106 00000000`00000014 fffff806`00000001 : 0x5a0
  154. ffff9202`e9ad7938 00000000`00000000 : 00000000`00000106 00000000`00000014 fffff806`00000001 ffffe784`13e82da0 : 0xffffe784`13e82da0
  155. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  156. fffff806435467b5-fffff806435467b6 2 bytes - nt!MiDeleteNonPagedPoolTail+45
  157. [ 80 fa:00 f9 ]
  158. fffff80643584f3e-fffff80643584f41 4 bytes - nt!MiFreeUltraMapping+32 (+0x3e789)
  159. [ a0 7d fb f6:80 21 43 86 ]
  160. 6 errors : !nt (fffff806435467b5-fffff80643584f41)
  161. MODULE_NAME: memory_corruption
  162.  
  163. IMAGE_NAME: memory_corruption
  164.  
  165. FOLLOWUP_NAME: memory_corruption
  166. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  167. MEMORY_CORRUPTOR: LARGE
  168. STACK_COMMAND: .cxr 0xffff9202e9ad6370 ; kb
  169. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  170. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  171. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  172. TARGET_TIME: 2020-07-23T20:24:57.000Z
  173. SUITE_MASK: 272
  174. PRODUCT_TYPE: 1
  175. USER_LCID: 0
  176. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  177. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  178. Followup: memory_corruption
  179.  
  180. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  181.  
  182. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  183. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  184. Sep 13 2016 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  185. Mar 11 2017 - vsdatant.sys - ZoneAlarm Anti-Virus http://www.zonealarm.com/
  186. Dec 19 2018 - idmwfp.sys - Internet Download Manager WFP driver (Tonec Inc.)
  187. Jan 22 2019 - klupd_klif_kimul.sys - Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  188. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
  189. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
  190. Feb 27 2019 - epregflt.sys - Endpoint Security Registry Filter driver (Check Point Software Tech)
  191. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  192. May 07 2019 - e1d68x64.sys - Intel(R) Gigabit Adapter driver
  193. Oct 06 2019 - epnetflt.sys - Endpoint Security Network Filter driver (Check Point Software Tech)
  194. Oct 06 2019 - epklib.sys - Endpoint Security driver (Check Point Software Tech)
  195. Oct 23 2019 - CPEPMon.sys - Endpoint Security Monitor driver (Check Point Software Tech)
  196. Oct 31 2019 - cpbak.sys - Endpoint Security driver (Check Point Software Tech)
  197. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  198. Mar 20 2020 - klupd_klif_klark.sys - Kaspersky https://www.kaspersky.com/
  199. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  200. Mar 22 2020 - 8D97ADB53C41E0C429ADEE347001660D.sys -
  201. Mar 24 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  202. Apr 28 2020 - klgse.sys - Kaspersky Security Extender driver
  203. Apr 28 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
  204. Jun 11 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
  205. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
  206. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
  207. Apr 21 2030 - klkbdflt2.sys - Kaspersky Lab Light Keyboard Device Filter driver
  208. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
  209. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
  210.  
  211. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  212.  
  213. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
  214. Image name: klwtp.sys
  215. Search : https://www.google.com/search?q=klwtp.sys
  216. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  217. Timestamp : Sat May 5 2007
  218.  
  219. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
  220. Image name: klim6.sys
  221. Search : https://www.google.com/search?q=klim6.sys
  222. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  223. Timestamp : Wed Jan 7 2015
  224.  
  225. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  226. Image name: RTKVHD64.sys
  227. Search : https://www.google.com/search?q=RTKVHD64.sys
  228. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  229. Timestamp : Tue Sep 13 2016
  230.  
  231. Image path: \SystemRoot\System32\drivers\vsdatant.sys
  232. Image name: vsdatant.sys
  233. Search : https://www.google.com/search?q=vsdatant.sys
  234. ADA Info : ZoneAlarm Anti-Virus http://www.zonealarm.com/
  235. Timestamp : Sat Mar 11 2017
  236.  
  237. Image path: \SystemRoot\system32\DRIVERS\idmwfp.sys
  238. Image name: idmwfp.sys
  239. Search : https://www.google.com/search?q=idmwfp.sys
  240. ADA Info : Internet Download Manager WFP driver (Tonec Inc.)
  241. Timestamp : Wed Dec 19 2018
  242.  
  243. Image path: \SystemRoot\System32\Drivers\klupd_klif_kimul.sys
  244. Image name: klupd_klif_kimul.sys
  245. Search : https://www.google.com/search?q=klupd_klif_kimul.sys
  246. ADA Info : Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  247. Timestamp : Tue Jan 22 2019
  248.  
  249. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
  250. Image name: cm_km.sys
  251. Search : https://www.google.com/search?q=cm_km.sys
  252. ADA Info : Kaspersky Cryptographic Module Driver
  253. Timestamp : Fri Feb 15 2019
  254.  
  255. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
  256. Image name: klwfp.sys
  257. Search : https://www.google.com/search?q=klwfp.sys
  258. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
  259. Timestamp : Tue Feb 26 2019
  260.  
  261. Image path: \??\C:\Windows\system32\drivers\epregflt.sys
  262. Image name: epregflt.sys
  263. Search : https://www.google.com/search?q=epregflt.sys
  264. ADA Info : Endpoint Security Registry Filter driver (Check Point Software Tech)
  265. Timestamp : Wed Feb 27 2019
  266.  
  267. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
  268. Image name: TeeDriverW8x64.sys
  269. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  270. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  271. Timestamp : Thu Apr 4 2019
  272.  
  273. Image path: \SystemRoot\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_546eef898d5d49f9\e1d68x64.sys
  274. Image name: e1d68x64.sys
  275. Search : https://www.google.com/search?q=e1d68x64.sys
  276. ADA Info : Intel(R) Gigabit Adapter driver
  277. Timestamp : Tue May 7 2019
  278.  
  279. Image path: \??\C:\Windows\system32\drivers\epnetflt.sys
  280. Image name: epnetflt.sys
  281. Search : https://www.google.com/search?q=epnetflt.sys
  282. ADA Info : Endpoint Security Network Filter driver (Check Point Software Tech)
  283. Timestamp : Sun Oct 6 2019
  284.  
  285. Image path: \SystemRoot\system32\DRIVERS\epklib.sys
  286. Image name: epklib.sys
  287. Search : https://www.google.com/search?q=epklib.sys
  288. ADA Info : Endpoint Security driver (Check Point Software Tech)
  289. Timestamp : Sun Oct 6 2019
  290.  
  291. Image path: \SystemRoot\system32\DRIVERS\CPEPMon.sys
  292. Image name: CPEPMon.sys
  293. Search : https://www.google.com/search?q=CPEPMon.sys
  294. ADA Info : Endpoint Security Monitor driver (Check Point Software Tech)
  295. Timestamp : Wed Oct 23 2019
  296.  
  297. Image path: \SystemRoot\system32\DRIVERS\cpbak.sys
  298. Image name: cpbak.sys
  299. Search : https://www.google.com/search?q=cpbak.sys
  300. ADA Info : Endpoint Security driver (Check Point Software Tech)
  301. Timestamp : Thu Oct 31 2019
  302.  
  303. Image path: \SystemRoot\system32\DRIVERS\klif.sys
  304. Image name: klif.sys
  305. Search : https://www.google.com/search?q=klif.sys
  306. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  307. Timestamp : Fri Mar 13 2020
  308.  
  309. Image path: \SystemRoot\System32\Drivers\klupd_klif_klark.sys
  310. Image name: klupd_klif_klark.sys
  311. Search : https://www.google.com/search?q=klupd_klif_klark.sys
  312. ADA Info : Kaspersky https://www.kaspersky.com/
  313. Timestamp : Fri Mar 20 2020
  314.  
  315. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
  316. Image name: klupd_klif_mark.sys
  317. Search : https://www.google.com/search?q=klupd_klif_mark.sys
  318. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  319. Timestamp : Fri Mar 20 2020
  320.  
  321. Image path: \??\C:\Users\saurav\AppData\Local\Temp\{D1EA06B5-BFC7-458A-B3B7-F9849DEB866A}\8D97ADB53C41E0C429ADEE347001660D.sys
  322. Image name: 8D97ADB53C41E0C429ADEE347001660D.sys
  323. Search : https://www.google.com/search?q=8D97ADB53C41E0C429ADEE347001660D.sys
  324. Timestamp : Sun Mar 22 2020
  325.  
  326. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5287c583fc2a7e41\nvlddmkm.sys
  327. Image name: nvlddmkm.sys
  328. Search : https://www.google.com/search?q=nvlddmkm.sys
  329. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  330. Timestamp : Tue Mar 24 2020
  331.  
  332. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
  333. Image name: klgse.sys
  334. Search : https://www.google.com/search?q=klgse.sys
  335. ADA Info : Kaspersky Security Extender driver
  336. Timestamp : Tue Apr 28 2020
  337.  
  338. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
  339. Image name: klhk.sys
  340. Search : https://www.google.com/search?q=klhk.sys
  341. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
  342. Timestamp : Tue Apr 28 2020
  343.  
  344. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
  345. Image name: klids.sys
  346. Search : https://www.google.com/search?q=klids.sys
  347. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
  348. Timestamp : Thu Jun 11 2020
  349.  
  350. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
  351. Image name: klpd.sys
  352. Search : https://www.google.com/search?q=klpd.sys
  353. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
  354. Timestamp : Tue Mar 13 2029
  355.  
  356. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
  357. Image name: klflt.sys
  358. Search : https://www.google.com/search?q=klflt.sys
  359. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
  360. Timestamp : Mon Aug 13 2029
  361.  
  362. Image path: \SystemRoot\system32\DRIVERS\klkbdflt2.sys
  363. Image name: klkbdflt2.sys
  364. Search : https://www.google.com/search?q=klkbdflt2.sys
  365. ADA Info : Kaspersky Lab Light Keyboard Device Filter driver
  366. Timestamp : Sun Apr 21 2030
  367.  
  368. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
  369. Image name: kldisk.sys
  370. Search : https://www.google.com/search?q=kldisk.sys
  371. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
  372. Timestamp : ***** Invalid (B1F414C8)
  373.  
  374. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
  375. Image name: kneps.sys
  376. Search : https://www.google.com/search?q=kneps.sys
  377. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
  378. Timestamp : ***** Invalid (E34C73F4)
  379.  
  380. ====================== Dump #1: MICROSOFT DRIVERS ======================
  381.  
  382. ACPI.sys ACPI Driver for NT (Microsoft)
  383. acpiex.sys ACPIEx Driver (Microsoft)
  384. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  385. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  386. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  387. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  388. ahcache.sys Application Compatibility Cache (Microsoft)
  389. bam.sys BAM Kernal driver (Microsoft)
  390. BasicDisplay.sys Basic Display driver (Microsoft)
  391. BasicRender.sys Basic Render driver (Microsoft)
  392. Beep.SYS BEEP driver (Microsoft)
  393. bindflt.sys Windows Bind Filter driver (Microsoft)
  394. BOOTVID.dll VGA Boot Driver (Microsoft)
  395. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  396. cdd.dll Canonical Display Driver (Microsoft)
  397. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  398. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  399. CI.dll Code Integrity Module (Microsoft)
  400. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  401. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  402. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  403. CLFS.SYS Common Log File System Driver (Microsoft)
  404. clipsp.sys CLIP Service (Microsoft)
  405. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  406. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  407. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  408. condrv.sys Console Driver (Microsoft)
  409. crashdmp.sys Crash Dump driver (Microsoft)
  410. csc.sys Windows Client Side Caching driver (Microsoft)
  411. dfsc.sys DFS Namespace Client Driver (Microsoft)
  412. disk.sys PnP Disk Driver (Microsoft)
  413. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  414. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  415. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  416. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  417. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  418. dxgmms2.sys DirectX Graphics MMS
  419. fastfat.SYS Fast FAT File System Driver (Microsoft)
  420. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  421. fileinfo.sys FileInfo Filter Driver (Microsoft)
  422. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  423. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  424. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  425. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  426. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  427. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  428. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  429. HdAudio.sys High Definition Audio Function driver (Microsoft)
  430. HIDCLASS.SYS Hid Class Library (Microsoft)
  431. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  432. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  433. HTTP.sys HTTP Protocol Stack (Microsoft)
  434. intelpep.sys Intel Power Engine Plugin (Microsoft)
  435. intelppm.sys Processor Device Driver (Microsoft)
  436. IntelTA.sys Intel Telemetry Driver
  437. iorate.sys I/O rate control Filter (Microsoft)
  438. kbdclass.sys Keyboard Class Driver (Microsoft)
  439. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  440. kd.dll Local Kernal Debugger (Microsoft)
  441. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  442. ks.sys Kernal CSA Library (Microsoft)
  443. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  444. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  445. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  446. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  447. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  448. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  449. mmcss.sys MMCSS Driver (Microsoft)
  450. monitor.sys Monitor Driver (Microsoft)
  451. mouclass.sys Mouse Class Driver (Microsoft)
  452. mouhid.sys HID Mouse Filter Driver (Microsoft)
  453. mountmgr.sys Mount Point Manager (Microsoft)
  454. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  455. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  456. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  457. Msfs.SYS Mailslot driver (Microsoft)
  458. msisadrv.sys ISA Driver (Microsoft)
  459. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  460. msquic.sys Windows QUIC Driver
  461. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  462. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  463. mssmbios.sys System Management BIOS driver (Microsoft)
  464. mup.sys Multiple UNC Provider driver (Microsoft)
  465. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  466. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  467. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  468. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  469. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  470. NDProxy.sys NDIS Proxy driver (Microsoft)
  471. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  472. netbios.sys NetBIOS Interface driver (Microsoft)
  473. netbt.sys MBT Transport driver (Microsoft)
  474. NETIO.SYS Network I/O Subsystem (Microsoft)
  475. Npfs.SYS NPFS driver (Microsoft)
  476. npsvctrig.sys Named pipe service triggers (Microsoft)
  477. nsiproxy.sys NSI Proxy driver (Microsoft)
  478. Ntfs.sys NT File System Driver (Microsoft)
  479. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  480. ntosext.sys NTOS Extension Host driver (Microsoft)
  481. Null.SYS NULL Driver (Microsoft)
  482. pacer.sys QoS Packet Scheduler (Microsoft)
  483. partmgr.sys Partition driver (Microsoft)
  484. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  485. pcw.sys Performance Counter Driver (Microsoft)
  486. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  487. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  488. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  489. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  490. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  491. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  492. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  493. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  494. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  495. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  496. rdyboost.sys ReadyBoost Driver (Microsoft)
  497. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  498. serenum.sys Serial Port Enumerator (Microsoft)
  499. serial.sys Serial Device Driver
  500. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  501. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  502. spaceport.sys Storage Spaces driver (Microsoft)
  503. srv2.sys Smb 2.0 Server driver (Microsoft)
  504. srvnet.sys Server Network driver (Microsoft)
  505. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  506. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  507. storqosflt.sys Storage QoS Filter driver (Microsoft)
  508. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  509. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  510. tcpip.sys TCP/IP Protocol driver (Microsoft)
  511. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  512. TDI.SYS TDI Wrapper driver (Microsoft)
  513. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  514. tm.sys Kernel Transaction Manager driver (Microsoft)
  515. ucx01000.sys USB Controller Extension (Microsoft)
  516. UEFI.sys UEFI NT driver (Microsoft)
  517. umbus.sys User-Mode Bus Enumerator (Microsoft)
  518. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  519. USBD.SYS Universal Serial Bus Driver (Microsoft)
  520. UsbHub3.sys USB3 HUB driver (Microsoft)
  521. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  522. USBXHCI.SYS USB XHCI driver (Microsoft)
  523. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  524. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  525. volmgr.sys Volume Manager Driver (Microsoft)
  526. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  527. volsnap.sys Volume Shadow Copy driver (Microsoft)
  528. volume.sys Volume driver (Microsoft)
  529. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  530. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  531. watchdog.sys Watchdog driver (Microsoft)
  532. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  533. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  534. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  535. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  536. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  537. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  538. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  539. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  540. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  541. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  542. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  543. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  544. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  545. Wof.sys Windows Overlay Filter (Microsoft)
  546. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  547. WppRecorder.sys WPP Trace Recorder (Microsoft)
  548. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  549.  
  550. ====================== Dump #1: UNLOADED MODULES =======================
  551.  
  552. fffff806`5bf50000 fffff806`5bf89000 klids.sys
  553. fffff806`5e4b0000 fffff806`5e4be000 kltap.sys
  554. fffff806`46980000 fffff806`469e8000 WdFilter.sys
  555. fffff806`5bf50000 fffff806`5bf61000 MpKslDrv.sys
  556. fffff806`5e340000 fffff806`5e356000 WdNisDrv.sys
  557. fffff806`5e360000 fffff806`5e38c000 519F781EFCFE
  558. fffff806`59f90000 fffff806`59f9f000 dump_storpor
  559. fffff806`59200000 fffff806`59233000 dump_storahc
  560. fffff806`59260000 fffff806`5927e000 dump_dumpfve
  561. fffff806`468f0000 fffff806`4690d000 EhStorClass.
  562. fffff806`59d80000 fffff806`59d9c000 dam.sys
  563. fffff806`46450000 fffff806`46461000 WdBoot.sys
  564. fffff806`474d0000 fffff806`474e0000 hwpolicy.sys
  565.  
  566. ====================== Dump #1: BIOS INFORMATION =======================
  567.  
  568. [SMBIOS Data Tables v3.1]
  569. [DMI Version - 0]
  570. [2.0 Calling Convention - No]
  571. [Table Size - 3252 bytes]
  572. [BIOS Information (Type 0) - Length 26 - Handle 0000h]
  573. Vendor American Megatrends Inc.
  574. BIOS Version P1.30
  575. BIOS Starting Address Segment f000
  576. BIOS Release Date 05/25/2018
  577. BIOS ROM Size 1000000
  578. BIOS Characteristics
  579. 07: - PCI Supported
  580. 11: - Upgradeable FLASH BIOS
  581. 12: - BIOS Shadowing Supported
  582. 15: - CD-Boot Supported
  583. 16: - Selectable Boot Supported
  584. 17: - BIOS ROM Socketed
  585. 19: - EDD Supported
  586. 23: - 1.2MB Floppy Supported
  587. 24: - 720KB Floppy Supported
  588. 25: - 2.88MB Floppy Supported
  589. 26: - Print Screen Device Supported
  590. 27: - Keyboard Services Supported
  591. 28: - Serial Services Supported
  592. 29: - Printer Services Supported
  593. 32: - BIOS Vendor Reserved
  594. BIOS Characteristic Extensions
  595. 00: - ACPI Supported
  596. 01: - USB Legacy Supported
  597. 08: - BIOS Boot Specification Supported
  598. 10: - Specification Reserved
  599. 11: - Specification Reserved
  600. BIOS Major Revision 5
  601. BIOS Minor Revision 13
  602. EC Firmware Major Revision 255
  603. EC Firmware Minor Revision 255
  604. [System Information (Type 1) - Length 27 - Handle 0001h]
  605. UUID 00000000-0000-0000-0000-000000000000
  606. Wakeup Type Power Switch
  607. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  608. Manufacturer ASRock
  609. Product B360 Pro4
  610. Version
  611. Feature Flags 09h
  612. 1995224800: - 1995224848: - «?ºù
  613. Location
  614. Chassis Handle 0003h
  615. Board Type 0ah - Processor/Memory Module
  616. Number of Child Handles 0
  617. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  618. Chassis Type Desktop
  619. Bootup State Safe
  620. Power Supply State Safe
  621. Thermal State Safe
  622. Security Status None
  623. OEM Defined 0
  624. Height 0U
  625. Number of Power Cords 1
  626. Number of Contained Elements 0
  627. Contained Element Size 3
  628. [OEM Strings (Type 11) - Length 5 - Handle 000ch]
  629. Number of Strings 1
  630. [Physical Memory Array (Type 16) - Length 23 - Handle 000fh]
  631. Location 03h - SystemBoard/Motherboard
  632. Use 03h - System Memory
  633. Memory Error Correction 03h - None
  634. Maximum Capacity 67108864KB
  635. Number of Memory Devices 4
  636. [Memory Device (Type 17) - Length 40 - Handle 0010h]
  637. Physical Memory Array Handle 000fh
  638. Total Width 64 bits
  639. Data Width 64 bits
  640. Size 8192MB
  641. Form Factor 09h - DIMM
  642. Device Locator ChannelA-DIMM0
  643. Bank Locator BANK 0
  644. Memory Type 1ah - Specification Reserved
  645. Type Detail 0080h - Synchronous
  646. Speed 2400MHz
  647. Manufacturer 8313
  648. Part Number CL16-16-16 D4-2400
  649. [Memory Device (Type 17) - Length 40 - Handle 0011h]
  650. Physical Memory Array Handle 000fh
  651. Total Width 0 bits
  652. Data Width 0 bits
  653. Form Factor 09h - DIMM
  654. Device Locator ChannelA-DIMM1
  655. Bank Locator BANK 1
  656. Memory Type 02h - Unknown
  657. Type Detail 0000h -
  658. Speed 0MHz
  659. [Memory Device (Type 17) - Length 40 - Handle 0012h]
  660. Physical Memory Array Handle 000fh
  661. Total Width 64 bits
  662. Data Width 64 bits
  663. Size 8192MB
  664. Form Factor 09h - DIMM
  665. Device Locator ChannelB-DIMM0
  666. Bank Locator BANK 2
  667. Memory Type 1ah - Specification Reserved
  668. Type Detail 0080h - Synchronous
  669. Speed 2400MHz
  670. Manufacturer 8313
  671. Part Number CL16-16-16 D4-2400
  672. [Memory Device (Type 17) - Length 40 - Handle 0013h]
  673. Physical Memory Array Handle 000fh
  674. Total Width 0 bits
  675. Data Width 0 bits
  676. Form Factor 09h - DIMM
  677. Device Locator ChannelB-DIMM1
  678. Bank Locator BANK 3
  679. Memory Type 02h - Unknown
  680. Type Detail 0000h -
  681. Speed 0MHz
  682. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0014h]
  683. Starting Address 00000000h
  684. Ending Address 00ffffffh
  685. Memory Array Handle 000fh
  686. Partition Width 02
  687. [Cache Information (Type 7) - Length 19 - Handle 001ah]
  688. Socket Designation L1 Cache
  689. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  690. Maximum Cache Size 0180h - 384K
  691. Installed Size 0180h - 384K
  692. Supported SRAM Type 0020h - Synchronous
  693. Current SRAM Type 0020h - Synchronous
  694. Cache Speed 0ns
  695. Error Correction Type ParitySingle-Bit ECC
  696. System Cache Type Unified
  697. Associativity 8-way Set-Associative
  698. [Cache Information (Type 7) - Length 19 - Handle 001bh]
  699. Socket Designation L2 Cache
  700. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  701. Maximum Cache Size 0600h - 1536K
  702. Installed Size 0600h - 1536K
  703. Supported SRAM Type 0020h - Synchronous
  704. Current SRAM Type 0020h - Synchronous
  705. Cache Speed 0ns
  706. Error Correction Type Multi-Bit ECC
  707. System Cache Type Unified
  708. Associativity 4-way Set-Associative
  709. [Cache Information (Type 7) - Length 19 - Handle 001ch]
  710. Socket Designation L3 Cache
  711. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  712. Maximum Cache Size 2400h - 9216K
  713. Installed Size 2400h - 9216K
  714. Supported SRAM Type 0020h - Synchronous
  715. Current SRAM Type 0020h - Synchronous
  716. Cache Speed 0ns
  717. Error Correction Type Specification Reserved
  718. System Cache Type Unified
  719. Associativity Specification Reserved
  720. [Processor Information (Type 4) - Length 48 - Handle 001dh]
  721. Socket Designation CPUSocket
  722. Processor Type Central Processor
  723. Processor Family cdh - Specification Reserved
  724. Processor Manufacturer Intel(R) Corporation
  725. Processor ID ea060900fffbebbf
  726. Processor Version Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
  727. Processor Voltage 89h - 0.9V
  728. External Clock 100MHz
  729. Max Speed 8300MHz
  730. Current Speed 2800MHz
  731. Status Enabled Populated
  732. Processor Upgrade Other
  733. L1 Cache Handle 001ah
  734. L2 Cache Handle 001bh
  735. L3 Cache Handle 001ch
  736. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 001eh]
  737. Starting Address 00000000h
  738. Ending Address 007fffffh
  739. Memory Device Handle 0010h
  740. Mem Array Mapped Adr Handle 0014h
  741. Partition Row Position 01
  742. Interleave Position 01
  743. Interleave Data Depth 02
  744. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 001fh]
  745. Starting Address 00800000h
  746. Ending Address 00ffffffh
  747. Memory Device Handle 0012h
  748. Mem Array Mapped Adr Handle 0014h
  749. Partition Row Position 01
  750. Interleave Position 02
  751. Interleave Data Depth 02
  752.  
  753. ========================== Dump #1: Extra #1 ===========================
  754.  
  755. 4: kd> !verifier
  756. Verify Flags Level 0x00000000
  757. STANDARD FLAGS:
  758. [X] (0x00000000) Automatic Checks
  759. [ ] (0x00000001) Special pool
  760. [ ] (0x00000002) Force IRQL checking
  761. [ ] (0x00000008) Pool tracking
  762. [ ] (0x00000010) I/O verification
  763. [ ] (0x00000020) Deadlock detection
  764. [ ] (0x00000080) DMA checking
  765. [ ] (0x00000100) Security checks
  766. [ ] (0x00000800) Miscellaneous checks
  767. [ ] (0x00020000) DDI compliance checking
  768. ADDITIONAL FLAGS:
  769. [ ] (0x00000004) Randomized low resources simulation
  770. [ ] (0x00000200) Force pending I/O requests
  771. [ ] (0x00000400) IRP logging
  772. [ ] (0x00002000) Invariant MDL checking for stack
  773. [ ] (0x00004000) Invariant MDL checking for driver
  774. [ ] (0x00008000) Power framework delay fuzzing
  775. [ ] (0x00010000) Port/miniport interface checking
  776. [ ] (0x00040000) Systematic low resources simulation
  777. [ ] (0x00080000) DDI compliance checking (additional)
  778. [ ] (0x00200000) NDIS/WIFI verification
  779. [ ] (0x00800000) Kernel synchronization delay fuzzing
  780. [ ] (0x01000000) VM switch verification
  781. [ ] (0x02000000) Code integrity checks
  782. [X] Indicates flag is enabled
  783. Summary of All Verifier Statistics
  784. RaiseIrqls 0x0
  785. AcquireSpinLocks 0x0
  786. Synch Executions 0x0
  787. Trims 0x0
  788. Pool Allocations Attempted 0x0
  789. Pool Allocations Succeeded 0x0
  790. Pool Allocations Succeeded SpecialPool 0x0
  791. Pool Allocations With NO TAG 0x0
  792. Pool Allocations Failed 0x0
  793. Current paged pool allocations 0x0 for 00000000 bytes
  794. Peak paged pool allocations 0x0 for 00000000 bytes
  795. Current nonpaged pool allocations 0x0 for 00000000 bytes
  796. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  797.  
  798. ========================== Dump #1: Extra #2 ===========================
  799.  
  800. 4: kd> !thread
  801. THREAD ffffe7840c38d040 Cid 0004.0188 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 4
  802. Not impersonating
  803. GetUlongFromAddress: unable to read from fffff80643e1143c
  804. Owning Process ffffe7840929e040 Image: System
  805. Attached Process N/A Image: N/A
  806. fffff78000000000: Unable to get shared data
  807. Wait Start TickCount 247202
  808. Context Switch Count 27859 IdealProcessor: 3
  809. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  810. UserTime 00:00:00.000
  811. KernelTime 00:00:00.000
  812. Win32 Start Address vsdatant (0xfffff8065984430c)
  813. Stack Init ffff9202e9ad7b90 Current ffff9202e9ad76f0
  814. Base ffff9202e9ad8000 Limit ffff9202e9ad1000 Call 0000000000000000
  815. Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  816. Child-SP RetAddr : Args to Child : Call Site
  817. ffff9202`e9ad6d70 fffff806`46e4d458 : ffff9202`e9ad71d0 ffffe784`14d92010 00000000`00000000 ffffe784`14d92010 : NETIO!StreamInvokeCalloutAndNormalizeAction+0x5c
  818. ffff9202`e9ad6e40 fffff806`46e4cad6 : ffffe784`09ec0014 fffff806`5be6c1f0 00000000`00000002 ffffe784`120ac9e0 : NETIO!StreamProcessCallout+0x3fc
  819. ffff9202`e9ad6f70 fffff806`46e4953b : 00000004`00000014 ffffe784`120ac9e0 ffffe784`15e6e1c0 ffff9202`e9ad7690 : NETIO!ProcessCallout+0x706
  820. ffff9202`e9ad70f0 fffff806`46e480da : ffffe784`16768760 ffffe784`09f47960 00000000`00000000 ffffe784`00000000 : NETIO!ArbitrateAndEnforce+0x71b
  821. ffff9202`e9ad7250 fffff806`46e9a02a : ffffe784`12fc8040 ffff9202`e9ad7711 ffffe784`132889b0 ffffe784`13e82d00 : NETIO!KfdClassify+0x37a
  822. ffff9202`e9ad7640 fffff806`46e99a4f : 00000000`00000000 ffff9202`e9ad77e1 00000000`000005a0 00000000`00000000 : NETIO!StreamInternalClassify+0x106
  823. ffff9202`e9ad7760 fffff806`46e9690b : 00000000`00000014 ffffe784`15e6e010 00000000`00000000 ffffe784`13e82da0 : NETIO!StreamInject+0x253
  824. ffff9202`e9ad7830 fffff806`4722a1fd : ffffe784`15e6e010 00000000`00000106 00000000`00000000 fffff806`00000001 : NETIO!FwppStreamInject+0x13b
  825. ffff9202`e9ad78c0 fffff806`5983c9cf : ffffe784`1620d5a0 00000000`000005a0 ffffe784`13e82da0 00000000`00000000 : fwpkclnt!FwpsStreamInjectAsync0+0xfd
  826. ffff9202`e9ad7920 ffffe784`1620d5a0 : 00000000`000005a0 ffffe784`13e82da0 00000000`00000000 00000000`00000106 : vsdatant+0xc9cf
  827. ffff9202`e9ad7928 00000000`000005a0 : ffffe784`13e82da0 00000000`00000000 00000000`00000106 00000000`00000014 : 0xffffe784`1620d5a0
  828. ffff9202`e9ad7930 ffffe784`13e82da0 : 00000000`00000000 00000000`00000106 00000000`00000014 fffff806`00000001 : 0x5a0
  829. ffff9202`e9ad7938 00000000`00000000 : 00000000`00000106 00000000`00000014 fffff806`00000001 ffffe784`13e82da0 : 0xffffe784`13e82da0